Windows 10 - Windows Update unter Kontrolle

[email protected]

gehört zum Inventar
Hallo @Henry,

genau diesen Weg habe ich in #19 erwähnt und per Screenshot abgebildet. In KMU (oder Privat) kann man das eben per GPEdit oder Policies via Registry-Import auch so "festnageln", um unbedarfte "Bastler" etwas auf Distanz zu halten:hammer.
 
Anzeige

[email protected]

gehört zum Inventar
2.1 Änderungen PowerShell-Skript (Version 20H2, Build 10.0.19042)

Hide_Windows_Updates.ps1
# Hide Windows Updates
# [email protected]

Function Get-WindowsUpdate {

[Cmdletbinding()]
Param()

Process {
Write-Verbose "Getting Windows Update"
$Session = New-Object -ComObject Microsoft.Update.Session
$Searcher = $Session.CreateUpdateSearcher()
$Criteria = "(IsInstalled = 0 AND DeploymentAction = 'Installation') OR (IsPresent = 1 AND DeploymentAction = 'Uninstallation') OR (IsInstalled = 1 AND DeploymentAction = 'Installation' AND RebootRequired = 1) OR (IsInstalled = 0 AND DeploymentAction = 'Uninstallation' AND RebootRequired = 1) OR (IsInstalled = 0 AND BrowseOnly = 0 AND AutoSelectOnWebSites = 0) OR (IsInstalled = 0 AND BrowseOnly = 0 AND AutoSelectOnWebSites = 1) OR (IsInstalled = 0 AND BrowseOnly = 1 AND AutoSelectOnWebSites = 0) OR (IsInstalled = 0 AND BrowseOnly = 1 AND AutoSelectOnWebSites = 1)"
$SearchResult = $Searcher.Search($Criteria)
$SearchResult.Updates
}
}

Function Set-WindowsHiddenUpdate {

[Cmdletbinding()]
Param(
[Parameter(ValueFromPipeline=$true,Mandatory=$true)]
[System.__ComObject[]]$Update,
[Parameter(Mandatory=$true)]
[boolean]$Hide
)

Process {
$Update | ForEach-Object -Process { $_.isHidden = $Hide }
}
}

Get-WindowsUpdate | Set-WindowsHiddenUpdate -Hide:$true
Get-WindowsUpdate | Where { $_.Title -match 'Definitionsupdate' } | Set-WindowsHiddenUpdate -Hide:$false
Get-WindowsUpdate | Where { $_.Title -match 'Sicherheitsupdate' } | Set-WindowsHiddenUpdate -Hide:$false
Get-WindowsUpdate | Where { $_.Title -match 'Kumulatives Update' } | Set-WindowsHiddenUpdate -Hide:$false
Get-WindowsUpdate | Where { $_.Title -match 'Update für Microsoft' } | Set-WindowsHiddenUpdate -Hide:$false
Get-WindowsUpdate | Where { $_.Title -match 'Vorschau' } | Set-WindowsHiddenUpdate -Hide:$true
Get-WindowsUpdate | Where { $_.Title -match 'Preview' } | Set-WindowsHiddenUpdate -Hide:$true
Get-WindowsUpdate | Where { $_.Title -match 'Windows-Tool zum Entfernen bösartiger Software' } | Set-WindowsHiddenUpdate -Hide:$false


Die hier dokumentierte Konfigurationsdatei ist im ZIP-Archiv "Windows Update_20H2.zip" enthalten.
 

Anhänge

  • Windows Update_20H2.zip
    755 Bytes · Aufrufe: 41
Oben